AMENDMENT TO THE CLAIMS

1. (Currently Amended) A method for providing security in a computer system, 
comprising: 

controlling access to identifying selected information for protection using attributes
defined in a first table;

controlling access to the selected information using a second table that associates at least
one of a read and write privilege with one or more indicating at least one physical
addresses of a memory that houses the selected information as at least one of read
and write disabled;
receiving a request from a program to access the information; and
allowing accessing to the information in response to determining that the program has the
authority to access the information based on at least one of the read and write
privilege.

2. (Currently Amended) The method of claim 1, wherein controlling access to the
selected information based on the privilege indicating at least one physical address of the
memory includes comprises:

generating a table based on the physical addresses of the memory; and

indicating in the second table that the memory housing the information is at least one of 
read and write disabled. 
3. (Currently Amended) The method of claim 2, wherein the second table is a
bitmap based on physical addresses of the memory. 

4. (Original) The method of claim 1, wherein the program is an operating system. 

5. (Currently Amended) The method of claim 1, wherein the selected information is 
at least one of interrupt descriptor table, global descriptor table, and local descriptor table. 

6. (Currently Amended) The method of claim 1, wherein allowing accessing to the
information in response to determining that the program has the authority to access the
information includes using a stack in the computer system to verify the identity of the
program.

7. (Original) A method for providing security, comprising: 
writing to at least one register to define a privileged memory region;
defining at least one computer instruction as a privileged instruction, wherein the
privileged instruction is resident in the privileged memory region;
identifying information for protection;
indicating at least one physical address of a memory that houses the information as at
least one of read and write disabled; and
controlling the access to the information using the privileged instruction.
8. (Original) The method of claim 7, further including writing to a second register,
wherein the first and second registers define the privileged memory region. 

9. (Original) The method of claim 7, wherein indicating at least one physical 
address of the memory includes: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 

10. (Original) The method of claim 7, wherein the information is at least one of 
interrupt descriptor table, global descriptor table, and local descriptor table. 

11. (Currently Amended) A computer readable program storage device encoded with 
instructions that, when executed by a computer, performs a method of providing security, 
comprising: 

protecting selected identifying information for protection using a first level of security
specifying access privileges to the selected information;
protecting the information using a second level of security that associates at least one of a
read and write privilege with one or more indicating at least one physical
addresses of a memory that houses the selected information as at least one of read
and write disabled;
receiving a request from a program to access the selected information; and
accessing the information in response to determining that the program has the authority to
access the selected information based at least on the second security level.



12. (Original) The computer readable program storage device of claim 11, wherein 
indicating at least one physical address of the memory includes: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 

13. (Currently Amended) The computer readable program storage device of claim 
12, wherein the table includes an entry specifying access rights to the selected information based
on one or more programs desiring to access the selected information.

14. (Original) The computer readable program storage device of claim 11, wherein 
the information is at least one of interrupt descriptor table, global descriptor table, and local 
descriptor table. 

15. (Currently Amended) An apparatus, comprising: 
a memory comprising:

a first level of protection specifying access privileges for selected information; and
a privileged code, the privileged code capable of:
protecting receiving a request to protect access to the selected information
based on a second level of protection in which at least one of a read and
write privilege is associated with
indicating at least one the physical address of a memory housing the information
as at least one of read and write disabled;
receiving a request from a program to access the information; and
allowing accessing access to the information in response to determining that the
program has the authority to access the information based on at least one
of the read and write privilege.

16. (Original) The apparatus of claim 15, wherein the privileged code capable of 
indicating at least one physical address of the memory includes the privileged code being capable 
of: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 



17. (Original) The apparatus of claim 15, wherein the program is an operating
system.



18. (Original) The apparatus of claim 15, wherein the information is at least one of 
interrupt descriptor table, global descriptor table, and local descriptor table. 
19. (Currently Amended) A system, comprising:
a processor; and 

a memory coupled to the processor, the memory comprising: 
a table specifying access privileges for selected information; and 
a privileged code capable of: 

protecting receiving a request to protect access to the selected information
based a second table specifying association of at least one of a read and
write privilege with
indicating at least one physical address of a memory housing the information as at
least one of read and write disabled;
receiving a request from a program to access the information; and
allowing accessing to the information in response to determining that the program
has the authority to access the information based on at least one of the read
and write privilege.

20. (Original) The system of claim 19, wherein the privileged code capable of 
indicating at least one physical address of the memory includes the privileged code being capable 
of: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 

21. (Original) The system of claim 19, wherein the program is an operating system. 
22. (Original) The system of claim 19, wherein the information is at least one of
interrupt descriptor table, global descriptor table, and local descriptor table. 

23. (Original) The system of claim 19, wherein the processor is an x86 processor. 

24. (Currently Amended) An apparatus for providing security, comprising: 

means for providing a first table of at least write protection for selected identifying
information for protection;




means for providing a second table of at least one of read and write protection for the
selected information associated with one or more indicating at least one physical
addresses of a memory that houses the selected information as at least one of read
and write disabled;

means for receiving a request from a program to access the information; and 

means for allowing access to accessing the information in response to determining that
the program has the authority to access the information based on at least the first
and second tables.